MyDoom damage estimate termed absurd

Vmyths, a site which describes itself as being dedicated to the eradication of computer virus hysteria, has questioned an estimate of the damage caused by the MyDoom worm, dismissing it as absurd. The estimate of $US38.5 billion was put out by the London-based firm mi2g.

Vmyths regularly puts out what it calls a Hysteria Alert. In the latest alert, editor Rob Rosenberger said: "In our previous Hysteria Alert, we predicted "someone will soon declare a 'guesstimate' damage value for the MyDoom virus/worm, strictly for its PR value."

Rosenberger said this figure was 1.6 percent of the US federal budget proposed for the next fiscal year or 40 percent of the damage caused to New York City by the attacks on September 11, 2001. It was also more than double the cost of Hurricane Andrew in 1992.

"We asked it before and we'll ask it again - why do British fearmongers so often give guesstimates in US dollars?" he asked.

Asked how the firm had estimated the damage, a mi2g spokesperson said: "The EVEDA algorithm is a component of SIPS and estimates economic damage on the basis of help desk support, overtime payments, contingency outsourcing, loss of business, bandwidth clogging, productivity erosion, management time reallocation, cost of recovery and software upgrades."

SIPS stands for Security Intelligence Products and Systems. EVEDA stands for Economic Valuation Engine for Damage Analysis and is a component of SIPS, according to mi2g.

The spokesperson said economic damage for malware and spam was calculated on the basis of sampled damage data on the basis of these variables combined with estimates of the number of machines infected. "We prefer to limit our model for such damage to these factors even though actual losses could be higher due to brand damage and other factors. Of course, most virus carrying emails are stopped by filters, but EVEDA also takes into account the cost of bandwidth involved for individual users.

"Anecdotal evidence helps us to confirm the scale of the estimate - at the height of the MyDoom attack, one large London firm we know had to close down their offices for a couple of days as they were being continually swamped by virus carrying emails, undeliverable notifications and virus alert messages."